CA2641558A1 - Method and apparatus for content protection in wireless communications - Google Patents


Publication number
CA2641558A1
CA2641558A1 CA002641558A CA2641558A CA2641558A1 CA 2641558 A1 CA2641558 A1 CA 2641558A1 CA 002641558 A CA002641558 A CA 002641558A CA 2641558 A CA2641558 A CA 2641558A CA 2641558 A1 CA2641558 A1 CA 2641558A1
Authority
CA
Canada
Prior art keywords
content
mobile station
secure
remote
keys
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CA002641558A
Other languages
French (fr)
Other versions
CA2641558C (en)
Inventor
Charles N. Lo
Jun Wang
Lakshminath Reddy Dondeti
Philip Michael Hawkes
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Qualcomm Inc
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date


Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10 Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10 Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM]
    • G06F21/109 Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM] by using specially-adapted hardware at the client
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/043 Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
    • H04W12/0431 Key distribution or pre-distribution; Key agreement
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00 Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/101 Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying security measures for digital rights management

Abstract

Disclosed is a method for securely presenting content in a mobile station. The mobile station may have a smart module, a security agent, and an air interface for communicating with a content provider and with a remote content rights manager. The smart module stores content presentation units and has a proxy content rights manager for when the mobile station is unable to receive secure content keys from the remote content rights manager using the air interface.
In the method, content presentation units are transferred from the remote rights manager to the smart module for storage. Secure content keys are requested from the smart module for allowing presentation of content requested while the mobile station is unable to communicate with the remote rights manager. The secure content keys are transferred, based on a stored content presentation unit, from the proxy content rights manager to the security agent for allowing content presentation.

Description

METHOD AND APPARATUS FOR CONTENT PROTECTION IN WIRELESS COMMUNICATIONS
Claim of Priority under 35 U.S.C. 119
The present Application for Patent claims priority to: Provisional Application No. 60/764,879 entitled "METHOD AND APPARATUS FOR CONTENT PROTECTION IN WIRELESS COMMUNICATIONS" filed February 2006; Provisional Application No. 60/77~,742 entitled "METHOD AND APPARATUS FOR CONTENT PROTECTION IN WIRELESS COMMUNICATIONS" filed March 3, 2006; and Provisional Application No. 60/802,556 entitled "METHOD AND APPARATUS FOR CONTENT PROTECTION IN WIRELESS COMMUNICATIONS" filed May 19, 2006. These Provisional Applications are assigned to the assignee hereof and are hereby expressly incorporated by reference herein.

BACKGROUND
Field
[0002] The present invention relates generally to wireless communications, and more specifically to content protection.

Background
[0003] The field of communications has many applications including, e.g., paging, wireless local loops, Internet telephony, and satellite communication systems. An exemplary application is a cellular telephone system for mobile subscribers. (As used herein, the term "cellular" system encompasses both cellular and personal communications services (PCS) system frequencies.) Modern communication systems, such as a wireless communication system, designed to allow multiple users to access a common communications medium have been developed for such cellular systems. These modern communication systems may be based on multiple access techniques such as code division multiple access (CDMA), time division multiple access (TDMA), frequency division multiple access (FDMA), space division multiple access (SDMA), polarization division multiple access (PDMA), or other modulation techniques known in the art. These modulation techniques demodulate signals received from multiple users of a communication system, thereby enabling an increase in the capacity of the communication system. In connection therewith, various wireless communication systems have been established including, e.g., Advanced Mobile Phone Service (AMPS), Global System for Mobile communication (GSM), and other wireless systems.
[0004] In FDMA systems, the total frequency spectrum is divided into a number of smaller sub-bands and each user is given its own sub-band to access the communication medium. Alternatively, in TDMA systems, the total frequency spectrum is divided into a number of smaller sub-bands, each sub-band is shared among a number of users, and each user is allowed to transmit in predetermined time slots using that sub-band. A CDMA system provides potential advantages over other types of systems, including increased system capacity. In CDMA systems, each user is given the entire frequency spectrum for all of the time, but distinguishes its transmission through the use of a unique code.
[0005] A CDMA system may be designed to support one or more CDMA standards such as (1) the "TIA/EIA-95-B Mobile Station-Base Station Compatibility Standard for Dual-Mode Wideband Spread Spectrum Cellular System" (the IS-95 standard), (2) the standard offered by a consortium named "3rd Generation Partnership Project" (3GPP) and embodied in a set of documents including Document Nos. 3G TS 25.211, 3G TS 25.212, 3G TS 25.213, and 3G TS 25.214 (the W-CDMA standard), and (3) the standard offered by a consortium named "3rd Generation Partnership Project 2" (3GPP2) and embodied in "TR-45.5 Physical Layer Standard for cdma2000 Spread Spectrum Systems" (the IS-2000 standard).
[0006] In the above named CDMA communication systems and standards, the available spectrum is shared simultaneously among a number of users, and suitable techniques are available to provide services, such as voice and data services.
[0007] Typical mobile subscribers use a mobile station or terminal such as a mobile phone or a laptop to access the wireless communication system. A mobile station may receive and play or store broadcast or multicast content protected under a digital rights management scheme requiring communication with a rights issuer. However, the mobile station may be outside of the coverage area of the cellular telephone system, preventing play of stored content. There is therefore a need in the art for a mobile station configured to permit play of protected stored content, even when outside of a coverage area.

SUMMARY
[0008] An aspect of the present invention may reside in a method for securely presenting content in a mobile station. The mobile station may have an air interface for communicating with a content provider and with a remote content rights manager, a user interface for receiving content requests and presenting content, a smart module, and a security agent. The smart module stores content presentation units and has a proxy content rights manager for issuing secure content keys when the mobile station is unable to receive secure content keys from the remote content rights manager using the air interface. The security agent securely receives secure content keys from the remote content rights manager and securely transfers secure content keys between the remote content rights manager and the smart module. In the method, content presentation units are transferred from the remote content rights manager to the smart module for storage, using the air interface and the security agent. A content presentation request is received while the mobile station is unable to communicate with the remote content manager using the air interface. Secure content keys are requested from the smart module for allowing presentation of the requested content. The secure content keys are transferred, based on one or more of the stored content presentation units, from the proxy content rights manager to the security agent for allowing presentation of the requested content.
[0009] In more detailed aspects of the invention, the smart module may be a removable smartcard. The smart module may be a universal subscriber identity module (USIM), a removable user identity module (R-UIM), or a cdma2000 subscriber identity module (CSIM). At least one content presentation unit may define an allowed proxy capability of the proxy content rights manager, may be a token indicating a right for presenting secure content, or may be a credit granting a right for presenting secure content.
[0010] Additionally, the content provider may be a broadcast content provider and/or a multicast content provider. The method may further include transferring secure content usage information from the proxy content rights manager to the remote content rights manager, and/or to the content provider, when the mobile station is able to communicate with the remote content manager using the air interface. Usage statistics covering each presentation of a content segment and/or program may be maintained. The content segment or program usage statistic may be reported.
[0011] In another more detailed aspect of the invention, the secure content keys may be encrypted by the remote content rights manager. The smart module may decrypt the encrypted secure content keys and provide the decrypted secure content keys to the mobile station, based on one or more available content presentation units.
Another aspect of the invention may reside in a mobile station including an air interface for communicating with a content provider and with a remote content rights manager, a user interface for receiving content requests and presenting content, a smart module, and a security agent. The smart module stores content presentation units and has a proxy content rights manager for issuing secure content keys when the mobile terminal is unable to receive secure content keys from the remote content rights manager using the air interface. The security agent securely receives secure content keys from the remote content rights manager and securely transfers secure content keys between the remote content rights manager and the smart module. The mobile station further includes means for transferring, using the air interface and the security agent, content presentation units from the remote content rights manager to the smart module for storage, means for requesting secure content keys from the smart module for allowing presentation of the requested content while the mobile station is unable to communicate with the remote content manager using the air interface, and means for transferring secure content keys, based on one or more of the stored content presentation units, from the proxy content rights manager to the security agent for allowing presentation of the requested content.
Yet another aspect of the invention may reside in a computer program product comprising a computer readable medium comprising code for causing a computer to transfer, using an air interface and a security agent of a mobile station, content presentation units from a remote content rights manager to a smart module of the mobile station for storage, code for causing a computer to request secure content keys from the smart module for allowing presentation of requested content while the mobile station is unable to communicate with the remote content manager using the air interface, and code for causing a computer to securely transfer secure content keys, based on one or more of the stored content presentation units, from the proxy content rights manager to the security agent for allowing presentation of the requested content.

BRIEF DESCRIPTION OF THE DRAWINGS
[0014] FIG. 1 is an example of a wireless communication system;
[0015] FIG. 2 is a block diagram of a mobile station having a proxy content rights manager, in accordance with an aspect of the invention;
[0016] FIG. 3 is a flow diagram of a method for securely presenting content in a mobile station; and
[0017] FIG. 4 is a block diagram of a system of BCMCS-based content protection for playing previously streamed content.

DETAILED DESCRIPTION
[0018] The word "exemplary" is used herein to mean "serving as an example, instance, or illustration." Any embodiment described herein as "exemplary" is not necessarily to be construed as preferred or advantageous over other embodiments.
A remote station, also known as a mobile station (MS), an access terminal (AT), user equipment or subscriber unit, may be mobile or stationary, and may communicate with one or more base stations, also known as base transceiver stations (BTSs) or node Bs. A remote station transmits and receives data packets through one or more base stations to a base station controller, also known as radio network controllers (RNCs). Base stations and base station controllers are parts of a network called an access network. An access network transports data packets between multiple remote stations. The access network may be further connected to additional networks outside the access network, such as a corporate intranet or the Internet, and may transport data packets between each remote station and such outside networks. A remote station that has established an active traffic channel connection with one or more base stations is called an active remote station, and is said to be in a traffic state. A remote station that is in the process of establishing an active traffic channel connection with one or more base stations is said to be in a connection setup state. A remote station may be any data device that communicates through a wireless channel. A remote station may further be any of a number of types of devices including but not limited to PC card, compact flash, external or internal modem, or wireless phone. The communication link through which the remote station sends signals to the base station is called an uplink, also known as a reverse link. The communication link through which a base station sends signals to a remote station is called a downlink, also known as a forward link.
[0020] With reference to Figure 1, a wireless communication system 100 includes one or more wireless mobile stations (MS) 102, one or more base stations (BS) 104, one or more base station controllers (BSC) 106, and a core network 108. Core network may be connected to an Internet 110 and a Public Switched Telephone Network 112 via suitable backhauls. A typical wireless mobile station may include a handheld phone, or a laptop computer. Wireless communication system 100 may employ any one of a number of multiple access techniques such as code division multiple access (CDMA), time division multiple access (TDMA), frequency division multiple access (FDMA), space division multiple access (SDMA), polarization division multiple access (PDMA), or other modulation techniques known in the art.
[0021] With reference to FIGS. 2 and 3, one aspect of the present invention may reside in a method 300 (FIG. 3) for securely presenting content in a mobile station 102 (FIG. 2). The mobile station may have an air interface 202 for communicating with a content provider 204 and with a remote content rights manager 206, a user interface 208 for receiving content requests and presenting content 210, a smart module 212, and a security agent 214. The smart module stores content presentation units 216 and has a proxy content rights manager 218 for issuing secure content keys 220 when the mobile station is unable to receive secure content keys from the remote content rights manager using the air interface. The security agent securely receives secure content keys from the remote content rights manager and securely transfers secure content keys between the remote content rights manager and the smart module. In the method 300, content presentation units are transferred from the remote content rights manager to the smart module, for storage, using the air interface and the security agent (step 302). A content presentation request is received while the mobile station is unable to communicate with the remote content manager using the air interface (step 304). Secure content keys are requested from the smart module for allowing presentation of the requested content (step 306). The secure content keys are transferred, based on one or more of the stored content presentation units, from the proxy content rights manager to the security agent for allowing presentation of the requested content (step 308).
In more detailed aspects of the invention, the content provider 204 may be a broadcast content provider and/or a multicast content provider. The method may further include transferring secure content usage information 222 from the proxy content rights manager 218 to the remote content rights manager 206, and/or to the content provider, when the mobile station 102 is able to communicate with the remote content manager using the air interface 202.

[0023] The smart module 212 may be a removable smartcard. The smart module may be a universal subscriber identity module (USIM), a removable user identity module (R-UIM), or a cdma2000 subscriber identity module (CSIM). At least one content presentation unit 216 may define an allowed proxy capability of the proxy content rights manager, may be a token indicating a right for presenting secure content, or may be a credit granting a right for presenting secure content.
[0024] The technique provides for efficient broadcast and multicast content rights enforcement. The smart module 212 may act as a proxy rights issuer, rights enforcer, and usage reporter. The remote rights manager 206 may load allowed proxy capabilities to the smart module. The smart module may issue a rights object RO to the mobile station 102, and may send the rights objects to the remote rights manager periodically, or when in the coverage of a base station 104 serving the mobile station 102. A secure communication channel 224 may permit secure communications between the smart module and the security agent 214. The secure content 210 may be stored in a secure content store 226 of the mobile station 102.
[0025] The remote content rights manager 206 may reside in the core network 108 (FIG. 1), or in a network server available through the internet 110. Likewise, the content provider may reside in the core network 108, or in a network server available through the internet 110.
[0026] The remote content rights manager 206 may encrypt the secure content keys 220. The secure content keys 220 may be stored in the encrypted form in the mobile station. An encryption key used to protect the secure content keys may be provided to the smart module 212 through secure bootstrapping via the mobile station. When the mobile station plays encrypted content 210, it may present the encrypted secure content keys to the smart module, which decrypts the keys one by one and supplies them to the mobile station, provided that content presentation units 216 are available.
[0027] Another aspect of the invention may reside in a mobile station 102 (FIG. 2) including an air interface 202 for communicating with a content provider 204 and with a remote content rights manager 206, a user interface 208 for receiving content requests and presenting content 210, a smart module 212, and a security agent 214. The smart module stores content presentation units 216 and has a proxy content rights manager 218 for issuing secure content keys 220 when the mobile station is unable to receive secure content keys from the remote content rights manager using the air interface. The security agent securely receives secure content keys from the remote content rights manager and securely transfers secure content keys between the remote content rights manager and the smart module. The mobile station further includes means for transferring, using the air interface and the security agent, content presentation units from the remote content rights manager to the smart module for storage, means for requesting secure content keys from the smart module for allowing presentation of the requested content while the mobile station is unable to communicate with the remote content manager using the air interface, and means for transferring secure content keys, based on one or more of the stored content presentation units, from the proxy content rights manager to the security agent for allowing presentation of the requested content.
[0028] Yet another aspect of the invention may reside in a computer program product comprising a computer readable medium comprising code for causing a computer to transfer, using an air interface 202 and a security agent 214 of a mobile station 102, content presentation units 216 from a remote content rights manager 206 to a smart module 212 of the mobile station for storage, code for causing a computer to request secure content keys 220 from the smart module for allowing presentation of requested content 210 while the mobile station is unable to communicate with the remote content manager using the air interface, and code for causing a computer to securely transfer secure content keys, based on one or more of the stored content presentation units, from the proxy content rights manager to the security agent for allowing presentation of the requested content.
[0029] One option for BCMCS-based content protection for stored previously streamed content 402 may be described with reference to FIG. 4. A terminal 404 (such as the mobile station 102) asks permission to play the recorded content from a smartcard 406 or module. The smartcard acts as a proxy rights issuer 408 for the terminal. The smartcard sends previously stored traffic encryption keys (TEKs) based on permission in a rights object (RO) 410 received from the smartcard. This may happen even if the terminal is out of the BCMCS coverage area. When network coverage is available, the terminal sends a report 412 of usage statistics to a BCMCS controller 414 or other network server 416.
[0030] Another option for BCMCS-based content protection for stored previously streamed content 402 may be described with respect to FIG. 4. When network coverage is available, the terminal 404 receives ROs from a content provider 416 over a channel that is https (hypertext transport protocol, secure) protected. The terminal asks permission to play the recorded content from the smartcard 406. The smartcard acts as a proxy rights issuer 408 for the terminal. The smartcard sends previously stored TEKs based on permission in a RO received from the smartcard. This may happen even if the terminal is out of the BCMCS coverage area. When network coverage is available, the terminal may send a report of usage statistics to the BCMCS controller or other network server. The report may contain detailed statistics such as separate play once and repeat play cases. The service provider may or may not charge for reuse of the stored content. The terminal may send a report 412' of usage statistics to the content provider 416, which may allow the content provider to cross-check usage statistics reported by the service provider.
[0031] The usage statistic may include TEK count, time-based accounting, packet-based accounting, or a combination thereof. The terminal 404 may piggyback the report on other signaling messages so that a separate report message may not be required. The usage statistics may be able to distinguish between live streaming content, play of recorded content from beginning to end, and user rewinding of content in the middle of the content. Usage statistics covering each presentation of a content segment and/or program may be maintained. The content segment or program usage statistic may be reported.
[0032] The BCMCS controller 414 may send a broadcast access key (BAK) to the smartcard 406 via the mobile terminal 404. A short-term key message (STKM) may be sent from the BCMCS controller to the smartcard 406, or it may be sent by a BCAST service distribution/adaptation (BSDA) unit. The smartcard may send the short-term key (SK) to the security agent 418 on the terminal. The security agent is trusted to discard the SK after use.
[0033] Another option for BCMCS-based content protection for stored previously streamed content 402 may be described again with reference to FIG. 4. When network coverage is available, the terminal 404 receives ROs 410 from a content provider 416 over a channel that is https protected. The terminal may be able to store content encryption keys locally. The terminal asks permission to play the recorded content from the smartcard 406. The smartcard acts as a proxy rights issuer 408 for the terminal. In another variation, the smartcard (CSIM or R-UIM) computes and sends content encryption keys to the terminal based on permission in a RO received from the content provider. The encryption keys may be sent over a secure channel 420. This may happen even if the terminal is out of the BCMCS coverage area. When network coverage is available, the terminal sends a report of play once usage statistics to the BCMCS controller or other network server. The service provider may not (or is unable to) charge for multi-play or reuse of the stored content. The terminal may send a report 412' of usage statistics to the content provider, which may allow the content provider to cross-check usage statistics reported by the service provider.
[0034] The smartcard-based RO control may be sent via a key message (STKM) or long-term key message (LTKM). The RO may indicate rights to play once record, play multiple times, etc. The technique may be used for both multimedia broadcast multicast service (MBMS) and broadcast and multicast service (BCMCS).
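The offline flow described above, as an added Python model that is not code from the patent: ROs are stored on the smartcard while coverage is available, the card acts as proxy rights issuer when the terminal is out of coverage, and usage statistics are queued for a later report. The class and field names, the HMAC-SHA256 key derivation and the toy XOR cipher are assumptions made for the illustration; the page names no algorithm.

```python
import hashlib
import hmac
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class RightsObject:
    """Constructed stand-in for an RO: content id plus remaining plays."""
    content_id: str
    plays_left: int  # "play once" -> 1, "play multiple times" -> n


def derive_content_key(card_secret: bytes, content_id: str) -> bytes:
    # Assumption: HMAC-SHA256 as the derivation; the page does not specify one.
    return hmac.new(card_secret, content_id.encode(), hashlib.sha256).digest()


def xor_keystream(key: bytes, data: bytes) -> bytes:
    # Toy cipher for the demo only: SHAKE-256 keystream XORed with the data.
    stream = hashlib.shake_256(key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))


@dataclass
class SmartCard:
    """Proxy rights issuer: holds the secret and the ROs, exports neither."""
    card_secret: bytes
    ros: dict = field(default_factory=dict)
    usage_log: list = field(default_factory=list)

    def store_ro(self, ro: RightsObject) -> None:
        # Called while network coverage is available.
        self.ros[ro.content_id] = ro

    def request_key(self, content_id: str) -> Optional[bytes]:
        # Release a content key only if a stored RO still permits a play.
        ro = self.ros.get(content_id)
        granted = ro is not None and ro.plays_left > 0
        self.usage_log.append({"content_id": content_id, "granted": granted})
        if not granted:
            return None
        ro.plays_left -= 1
        return derive_content_key(self.card_secret, content_id)

    def drain_usage_report(self) -> list:
        # Called when coverage returns: hand over the statistics and reset.
        report, self.usage_log = self.usage_log, []
        return report


class SecurityAgent:
    """Terminal-side agent: uses the key for one presentation, keeps no copy."""

    def __init__(self, card: SmartCard) -> None:
        self.card = card

    def play(self, content_id: str, ciphertext: bytes) -> Optional[bytes]:
        key = self.card.request_key(content_id)
        if key is None:
            return None
        try:
            return xor_keystream(key, ciphertext)
        finally:
            del key  # drops the reference; Python cannot guarantee zeroization


def demo():
    secret = b"constructed-card-secret"  # constructed sample value
    card = SmartCard(secret)
    # Constructed head-end step: content encrypted under the same derived key.
    clip = xor_keystream(derive_content_key(secret, "clip-1"), b"recorded stream")
    card.store_ro(RightsObject("clip-1", plays_left=1))  # received in coverage
    agent = SecurityAgent(card)
    first = agent.play("clip-1", clip)   # out of coverage: RO allows one play
    second = agent.play("clip-1", clip)  # RO exhausted: card refuses the key
    return first, second, card.drain_usage_report(), card.usage_log
```

Denied requests are logged as well as granted ones, so the report sent after reconnecting also shows attempts made after the rights ran out.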
[0035] Those of skill in the art understand that information and signals may be represented using any of a variety of different technologies and techniques. For example, data, instructions, commands, information, signals, bits, symbols, and chips that may be referenced throughout the above description may be represented by voltages, currents, electromagnetic waves, magnetic fields or particles, optical fields or particles, or any combination thereof.
[0036] Those of skill would further appreciate that the various illustrative logical blocks, modules, circuits, and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both. To clearly illustrate this interchangeability of hardware and software, various illustrative components, blocks, modules, circuits, and steps have been described above generally in terms of their functionality. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the overall system. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.

[0037] The various illustrative logical blocks, modules, and circuits described in connection with the embodiments disclosed herein may be implemented or performed with a general purpose processor, a digital signal processor (DSP), an application specific integrated circuit (ASIC), a field programmable gate array (FPGA) or other programmable logic device, discrete gate or transistor logic, discrete hardware components, or any combination thereof designed to perform the functions described herein. A general purpose processor may be a microprocessor, but in the alternative, the processor may be any conventional processor, controller, microcontroller, or state machine. A processor may also be implemented as a combination of computing devices, e.g., a combination of a DSP and a microprocessor, a plurality of microprocessors, one or more microprocessors in conjunction with a DSP core, or any other such configuration.
[0038] The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. A software module may reside in RAM memory, flash memory, ROM memory, EPROM memory, EEPROM memory, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art. An exemplary storage medium is coupled to the processor such that the processor can read information from, and write information to, the storage medium. In the alternative, the storage medium may be integral to the processor. The processor and the storage medium may reside in an ASIC. The ASIC may reside in a user terminal. In the alternative, the processor and the storage medium may reside as discrete components in a user terminal.
[0039] In one or more exemplary embodiments, the functions described may be implemented in hardware, software, firmware, or any combination thereof. If implemented in software as a computer program product, the functions may be stored on or transmitted over as one or more instructions or code on a computer-readable medium. Computer-readable media includes both computer storage media and communication media including any medium that facilitates transfer of a computer program from one place to another. A storage media may be any available media that can be accessed by a computer. By way of example, and not limitation, such computer-readable media can comprise RAM, ROM, EEPROM, CD-ROM or other optical disk storage, magnetic disk storage or other magnetic storage devices, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer. Also, any connection is properly termed a computer-readable medium. For example, if the software is transmitted from a website, server, or other remote source using a coaxial cable, fiber optic cable, twisted pair, digital subscriber line (DSL), or wireless technologies such as infrared, radio, and microwave, then the coaxial cable, fiber optic cable, twisted pair, DSL, or wireless technologies such as infrared, radio, and microwave are included in the definition of medium. Disk and disc, as used herein, includes compact disc (CD), laser disc, optical disc, digital versatile disc (DVD), floppy disk and blu-ray disc where disks usually reproduce data magnetically, while discs reproduce data optically with lasers. Combinations of the above should also be included within the scope of computer-readable media.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (31)

1. A method for securely presenting content in a mobile station having an air interface for communicating with a content provider and with a remote content rights manager, a user interface for receiving content requests and presenting content, a smart module for storing content presentation units and having a proxy content rights manager for issuing secure content keys when the mobile station is unable to receive secure content keys from the remote content rights manager using the air interface, a security agent for securely receiving secure content keys from the remote content rights manager and for securely transferring secure content keys between the remote content rights manager and the smart module, the method comprising:

transferring, using the air interface and the security agent, content presentation units from the remote content rights manager to the smart module for storage;

receiving a content presentation request while the mobile station is unable to communicate with the remote content manager using the air interface;
requesting secure content keys from the smart module for allowing presentation of the requested content; and

transferring secure content keys, based on one or more of the stored content presentation units, from the proxy content rights manager to the security agent for allowing presentation of the requested content.
2. A method for securely presenting content in a mobile station as defined in claim 1, wherein the smart module is a removable smartcard.
3. A method for securely presenting content in a mobile station as defined in claim 1, wherein the smart module is a universal subscriber identity module (USIM).
4. A method for securely presenting content in a mobile station as defined in claim 1, wherein the smart module is a removable user identity module R-UIM.
5. A method for securely presenting content in a mobile station, as defined in claim 1, wherein the smart module is a cdma2000 subscriber identity module (CSIM).
6. A method for securely presenting content in a mobile station, as defined in claim 1, wherein at least one content presentation unit defines an allowed proxy capability of the proxy content rights manager.
7. A method for securely presenting content in a mobile station, as defined in claim 1, wherein at least one content presentation unit is a token indicating a right for presenting secure content.
8. A method for securely presenting content in a mobile station, as defined in claim 1, wherein at least one content presentation unit is a credit granting a right for presenting secure content.
9. A method for securely presenting content in a mobile station, as defined in claim 1, further comprising transferring, using the air interface, secure content usage information from the proxy content rights manager to the remote content rights manager when the mobile station is able to communicate with the remote content manager using the air interface.
10. A method for securely presenting content in a mobile station, as defined in claim 1, further comprising transferring, using the air interface, secure content usage information from the proxy content rights manager to the content provider when the mobile station is able to communicate with the remote content manager using the air interface.
11. A method for securely presenting content in a mobile station, as defined in claim 1, further comprising:
maintaining content segment usage statistics covering each presentation of a content segment; and
reporting the content segment usage statistics.
12. A method for securely presenting content in a mobile station as defined in claim 1, further comprising:

maintaining program usage statistics covering each presentation of a program; and
reporting the program usage statistics.
13. A method for securely presenting content in a mobile station as defined in claim 1, wherein the content provider is a broadcast content provider.
14. A method for securely presenting content in a mobile station as defined in claim 1, wherein the content provider is a multicast content provider.
15. A method for securely presenting content in a mobile station as defined in claim 1, wherein the secure content keys are encrypted by the remote content rights manager, and the smart module decrypts the encrypted secure content keys and provides the decrypted secure content keys to the mobile station based on one or more available content presentation units.
16. A mobile station, comprising:
an air interface for communicating with a content provider and with a remote content rights manager;
a user interface for receiving content requests and presenting content;
a smart module for storing content presentation units, the smart module having a proxy content rights manager for issuing secure content keys when the mobile terminal is unable to receive secure content keys from the remote content rights manager using the air interface;
a security agent for securely receiving secure content keys from the remote content rights manager and for securely transferring secure content keys between the remote content rights manager and the smart module;
means for transferring, using the air interface and the security agent, content presentation units from the remote content rights manager to the smart module for storage;

means for requesting secure content keys from the smart module for allowing presentation of the requested content while the mobile station is unable to communicate with the remote content manager using the air interface; and
means for transferring secure content keys, based on one or more of the stored content presentation units, from the proxy content rights manager to the security agent for allowing presentation of the requested content.
17. A mobile station as defined in claim 16, wherein the smart module is a removable smartcard.
18. A mobile station as defined in claim 16, wherein the smart module is a universal subscriber identity module (USIM).
19. A mobile station as defined in claim 16, wherein the smart module is a removable user identity module R-UIM.
20. A mobile station as defined in claim 16, wherein the smart module is a cdma2000 subscriber identity module (CSIM).
21. A mobile station as defined in claim 16, wherein at least one content presentation unit defines an allowed proxy capability of the proxy content rights manager.
22. A mobile station as defined in claim 16, wherein at least one content presentation unit is a token indicating a right for presenting secure content.
23. A mobile station as defined in claim 16, wherein at least one content presentation unit is a credit granting a right for presenting secure content.
24. A mobile station as defined in claim 16, further comprising means for transferring secure content usage information from the proxy content rights manager to the remote content rights manager, using the air interface, when the mobile station is able to communicate with the remote content manager using the air interface.
25. A mobile station as defined in claim 16, further comprising means for transferring secure content usage information from the proxy content rights manager to the content provider, using the air interface, when the mobile station is able to communicate with the remote content manager using the air interface.
26. A mobile station as defined in claim 16, further comprising:
means for maintaining content segment usage statistics covering each presentation of a content segment; and
means for reporting the content segment usage statistics.
27. A mobile station as defined in claim 16, further comprising:
means for maintaining program usage statistics covering each presentation of a program; and
means for reporting the program usage statistics.
28. A mobile station as defined in claim 16, wherein the content provider is a broadcast content provider.
29. A mobile station as defined in claim 16, wherein the content provider is a multicast content provider.
30. A mobile station as defined in claim 16, wherein:
the source content keys are encrypted by the remote content rights manager; and
the smart module includes means for decrypting the encrypted secure content keys and providing the encrypted secure content keys to the mobile station based on one or more available content presentation units.
31. A computer program product, comprising:
computer readable medium comprising:
code for causing a computer to transfer, using an air interface and a security agent of a mobile station, content presentation units from a remote content right manager to a smart module of the mobile station for storage;
code for causing a computer to request secure content keys from the smart module for allowing presentation of requested content while the mobile station is unable to communicate with the remote content manager using the air interface; and
code for causing a computer to securely transfer secure content keys, based on one or more of the stored content presentation units, from the proxy content rights manager to the security agent for allowing presentation of the requested content.
CA2641558A 2006-02-03 2007-02-02 Method and apparatus for content protection in wireless communications Active CA2641558C (en)

Applications Claiming Priority (9)

Application Number Priority Date Filing Date Title
US76487906P 2006-02-03 2006-02-03
US60/764,879 2006-02-03
US77874206P 2006-03-03 2006-03-03
US60/778,742 2006-03-03
US80255606P 2006-05-19 2006-05-19
US60/802,556 2006-05-19
US11/669,873 2007-01-31
US11/669,873 US9055040B2 (en) 2006-02-03 2007-01-31 Method and apparatus for content protection in wireless communications
PCT/US2007/061577 WO2007092793A2 (en) 2006-02-03 2007-02-02 Method and apparatus for content protection in wireless communications

Publications (2)

Publication Number Publication Date
CA2641558A1 true CA2641558A1 (en) 2007-08-16
CA2641558C CA2641558C (en) 2016-11-22

Family

ID=38235284

Family Applications (1)

Application Number Title Priority Date Filing Date
CA2641558A Active CA2641558C (en) 2006-02-03 2007-02-02 Method and apparatus for content protection in wireless communications

Country Status (9)

Country Link
US (1) US9055040B2 (en)
EP (1) EP1979850B1 (en)
JP (1) JP4763806B2 (en)
KR (1) KR101229518B1 (en)
CN (1) CN101375290B (en)
BR (1) BRPI0707379B1 (en)
CA (1) CA2641558C (en)
TW (1) TWI338490B (en)
WO (1) WO2007092793A2 (en)

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2007097604A1 (en) 2006-02-27 2007-08-30 Samsung Electronics Co., Ltd. Method and system for protecting broadcast service/content in a mobile broadcast system, and method for generating short term key message therefor
KR100975386B1 (en) * 2006-02-27 2010-08-11 삼성전자주식회사 Method and system for protecting broadcasting service/content in a mobile broadcast system, and method for generating a short term key message thereof
US8046839B2 (en) * 2007-04-13 2011-10-25 Qualcomm Incorporated Mobile unit parental control
KR101346623B1 (en) 2007-10-12 2014-01-03 삼성전자주식회사 Contents service providing method and authentication method between device and device using broadcast encryption, display device and device for low resource
US8544066B2 (en) * 2007-12-27 2013-09-24 Nec Corporation Access right management system, access right management method, and access right management program
EP2283613A4 (en) * 2008-06-03 2013-07-31 Ericsson Telefon Ab L M A system, method and a component for monitoring broadcast/multicast usage
KR100950458B1 (en) 2008-07-24 2010-04-02 주식회사 드리머아이 Mobile broadcasting conditional access system based on memory card
KR20100047651A (en) * 2008-10-29 2010-05-10 삼성전자주식회사 Method and apparatus for acquiring encryption key for providing premium channel
US8621520B2 (en) * 2009-05-19 2013-12-31 Qualcomm Incorporated Delivery of selective content to client applications by mobile broadcast device with content filtering capability
WO2011029457A1 (en) * 2009-09-09 2011-03-17 Telefonaktiebolaget Lm Ericsson (Publ) Technique for determining usage of encrypted media content
CN113747547B (en) 2020-05-28 2023-05-05 维沃移动通信有限公司 Service acquisition method, device, communication equipment and readable storage medium

Family Cites Families (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE3400248A1 (en) * 1984-01-05 1985-07-18 Hoechst Ag, 6230 Frankfurt METHOD FOR ELECTROCHEMICALLY Roughening ALUMINUM FOR PRINTING PLATE CARRIERS IN AN AQUEOUS MIXED ELECTROLYTE
JP2000224562A (en) * 1999-02-01 2000-08-11 Ntt Data Corp Broadcasting service system and reception terminal equipment
US20020067730A1 (en) * 2000-12-05 2002-06-06 Starguide Digital Networks, Inc. Method and apparatus for IP multicast content distribution system having national and regional demographically targeted advertisement insertion
US20030079133A1 (en) * 2001-10-18 2003-04-24 International Business Machines Corporation Method and system for digital rights management in content distribution application
JP2003296484A (en) * 2002-03-29 2003-10-17 Sanyo Electric Co Ltd Server device, terminal device, storage device, and communication system
US7623871B2 (en) 2002-04-24 2009-11-24 Qualcomm Incorporated Position determination for a wireless terminal in a hybrid position determination system
CN1675878A (en) * 2002-08-20 2005-09-28 皇家飞利浦电子股份有限公司 Mobile network authentication for protecting stored content
KR100513297B1 (en) * 2003-01-24 2005-09-09 삼성전자주식회사 System of managing mutimedia file in intranet and method thereof
JP2004254178A (en) * 2003-02-21 2004-09-09 Mitsubishi Electric Corp Key distribution system for cryptographic communication
EP1513040B1 (en) 2003-09-03 2006-12-20 France Telecom System and method for distributing content access data
US7065163B2 (en) 2003-10-08 2006-06-20 Qualcomm, Incorporated Frequency error estimation using multiple integration lengths
AU2003279547A1 (en) 2003-10-14 2005-04-27 Telecom Italia S.P.A. Method, system and computer program for managing usage of digital contents.
US7660605B2 (en) * 2004-08-31 2010-02-09 Research In Motion Limited Method and system for the configuration of a mobile station baseband circuit for an acoustic accessory

Also Published As

Publication number Publication date
JP2009532922A (en) 2009-09-10
JP4763806B2 (en) 2011-08-31
CN101375290A (en) 2009-02-25
CN101375290B (en) 2011-10-19
TWI338490B (en) 2011-03-01
BRPI0707379B1 (en) 2018-09-18
EP1979850A2 (en) 2008-10-15
WO2007092793A2 (en) 2007-08-16
US9055040B2 (en) 2015-06-09
CA2641558C (en) 2016-11-22
TW200737899A (en) 2007-10-01
WO2007092793A3 (en) 2007-09-20
KR101229518B1 (en) 2013-02-04
KR20090004866A (en) 2009-01-12
BRPI0707379A2 (en) 2011-05-03
EP1979850B1 (en) 2018-03-21
US20070274526A1 (en) 2007-11-29

Similar Documents

Publication Publication Date Title
CA2641558A1 (en) Method and apparatus for content protection in wireless communications
CN101611613B (en) Limiting use of electronic equipment features based on location and corporate service level agreements
CN1820480B (en) Secure registration for a multicast-broadcast-multimedia system (MBMS)
US7665147B2 (en) Authentication of HTTP applications
US8112638B2 (en) Secure backup system and method in a mobile telecommunication network
KR20100108970A (en) Method and apparatus for protecting of drm contents
US20080002654A1 (en) Authorisation in Cellular Communications System
CN1427635A (en) Method of determining encrypted algorithm in secret communication based on mobile national code
KR20040004926A (en) Cryptographic method using dual encryption keys and wireless local area network system therefor
CN103139769A (en) Wireless communication method and network subsystem
CN1180652C (en) Base transceiver station automatic encryption handling
CN104980358A (en) Wireless router and wireless network management method thereof
EP2622887A1 (en) Methods and apparatus for transmitting and receiving secure and non-secure data
CN101820624A (en) Method and apparatus for security in a data processing system
KR101687944B1 (en) Method and system for identifying compromised nodes
CN1333987A (en) System and method for secured transference of temporary mobile subscriber information
CN102934123A (en) Method and apparatus for secure element management
CN102045696A (en) Method for acquiring signed information of machine type communication (MTC) equipment and MTC server
Singh et al. Cell phone cloning: a perspective on gsm security
KR100804395B1 (en) Zone setting device with unfair-appropriation-free function in a mobile communication network and method for providing zone-based service using the device
WO2006131852A1 (en) Protected wireless network access
EP2377351A1 (en) Method and arrangements for enhanced wireless access signalling in a wireless local area network
CN1835634A (en) Terminal using parameter copy-preventing method for mobile communication terminal
CN104584042A (en) Method and apparatus for expanding field of near field communication
CN115209407A (en) User log information output system and operation method thereof, and user state tracking system

Legal Events

Date Code Title Description
EEER Examination request